VYPR
← All advisories
Unrated severityNVD Advisory· Published Jan 12, 2018· Updated Aug 5, 2024

CVE-2017-18027

CVE-2017-18027

Description

A memory leak in ImageMagick's ReadMATImage function allows denial of service via a crafted MAT file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A memory leak in ImageMagick's ReadMATImage function allows denial of service via a crafted MAT file.

Vulnerability

In ImageMagick 7.0.7-1 Q16, the ReadMATImage function in coders/mat.c contains a memory leak. When processing a specially crafted MAT file, allocated memory is not freed, leading to resource exhaustion. The leak occurs during decompression in decompress_block and ReadMATImage [2]. Affected versions include ImageMagick 7.0.7-1 and possibly earlier releases.

Exploitation

An attacker must deliver a crafted MAT file to a user or automated system using ImageMagick. No authentication is required; the user only needs to open the file (e.g., via the identify command). The memory leak is triggered during image processing, as demonstrated by AddressSanitizer output showing direct and indirect leaks [2].

Impact

Successful exploitation results in a denial of service by exhausting available memory. The leak totals over 26 KB per file (direct 13,488 bytes and indirect 13,024 bytes) [2]. Repeated processing of such files can crash the system. The CVE description only mentions denial of service, though the Ubuntu advisory notes that other ImageMagick vulnerabilities could lead to code execution [1].

Mitigation

Fixed in ImageMagick versions after 7.0.7-1. Ubuntu released updates in USN-3681-1 for Ubuntu 18.04 LTS and other supported releases [1]. Users should update their ImageMagick packages to the latest versions. No workaround exists other than avoiding processing untrusted MAT files.

References
  1. USN-3681-1: ImageMagick vulnerabilities | Ubuntu security notices | Ubuntu
  2. memory leak in ReadMATImage

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

15

Patches

0

No patches discovered yet.

Vulnerability mechanics

Root cause

"A memory leak occurs in the ReadMATImage function when processing a crafted file."

Attack vector

An attacker can cause a denial of service by providing a specially crafted file to an application that uses ImageMagick to process MAT files. The vulnerability is triggered when the `ReadMATImage` function in `coders/mat.c` is called with such a file, leading to unreleased memory allocations [ref_id=1]. This can be exploited by remotely sending a malicious file to a vulnerable server or application.

Affected code

The vulnerability resides in the `ReadMATImage` function located in the file `coders/mat.c` [ref_id=1]. Specifically, the leak is observed during the decompression of blocks within this function, as indicated by the call stack in the provided reference [ref_id=1].

What the fix does

The provided bundle does not contain information about a patch or a fix for this vulnerability. The advisory indicates a memory leak in the `ReadMATImage` function within `coders/mat.c` [ref_id=1]. Remediation guidance would typically involve updating to a patched version of ImageMagick once available.

Preconditions

  • inputThe application must be able to process MAT image files.
  • inputThe crafted file must be a valid MAT file that triggers the memory leak.

Reproduction

testcase:https://github.com/bestshow/p0cs/blob/master/memory_leak_in_ReadMATImage966_x.mat

Generated on Jun 3, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

3

News mentions

0

No linked articles in our index yet.